Florian Festi
Florian Festi
This requires adjusting a number of test that reflect the ordering. The changes in tests/rpmsigdig.at look straight forward and correct - just changing the order in which the signatures and...
There is an empty line / new line moving around. ``` ## ---------------------- ## ## Detailed failed tests. ## ## ---------------------- ## # -*- compilation -*- 12. rpmgeneral.at:401: testing urlhelper...
Originally reported at https://bugzilla.redhat.com/show_bug.cgi?id=2297927: ``` # rpm -q rpm rpm-4.19.92-2.fc41.x86_64 # rpmsign --addsign --signfiles --fskpath=/etc/keys/privkey_evm.pem /root/rpmbuild/RPMS/noarch/rpm-ima-sign-test-1-1.noarch.rpm /root/rpmbuild/RPMS/noarch/rpm-ima-sign-test-1-1.noarch.rpm: error: sign_hash failed error: signFile failed ``` This is a regression compared to...
useradd needs both /etc/group and /etc/login.defs to work. It does chroot into a new system and then looks for these files. While this is technically correct it is a bit...
RPM refuses to follow non root owned symlinks pointing to files owned by another user for security reasons. This case was lumped in with other issues resulting in us setting...
Right now neither rpmbuild nor rpm verify that all the necessary tags are in a package and they have the right content/length. We need the means to define which tags...
This does not yet adjust the test cases. So 198 209 216 217 220 221 222 223 226 227 are failing due to unexpected key finger prints. Can probably be...
AC: * Key stash is moved to a dynamic data type like the rpmts or the keyring * The key stash is using the long KeyIDs
Currently rpmkeys --list only give the version, release and summary of the gpg-pubkey packages aka short key ID, creation time and issuer. There is now way to get the fingerprint...
Key IDs (even long ones) can have collisions - especially when an attacker tries to generate them on purpose. The right behavior is to try all keys with matching key...